Operating systems redefined

Security breaches involving today's operating systems are very common. As viruses and worms wreak havoc on most computer systems, researchers are looking at ways to improve vulnerabilities. That said, since software is developed by humans, it will infallibly come with reliability and security issues. The EU-funded R3S3 (Research on really reliable and secure systems software) project sought to overcome this by developing an operating system that is much less prone to bugs.

To achieve its aims, the project team build an operating system that is much smaller than current ones. To illustrate, Windows and Linux feature millions of lines of code, and commercial software has anywhere between 1 and 10 bugs per only 1 000 lines of code. The team built a light operating system with only about 9 000 lines of code that runs using several servers and device drivers protected by the hardware from interfering with one another.

This modular design, with limited access among components, boasts a self-healing ability with enhanced security, where often a failed component can be rapidly replaced while the system runs. R3S3 also enabled system updates from one version to another while in operation, circumventing the need to shut down sensitive systems such as banking software, e-commerce servers and nuclear reactors.

Importantly, the operating system can be intentionally varied or updated every few seconds, making it virtually impossible for intruders to attack as they don't know much about its ever-shifting structure. Tests have shown that the new operating system is highly dependable, dealing with purposely injected faults much more robustly than current systems.

Improvements have also been achieved by splitting the operating system into multiple components and running them on different cores, breaking away from how central processing unit chips use their multiple cores together. In some cases, the slower cores have outperformed faster cores due to fewer context switches. With more new chips starting to feature heterogeneous cores, these developments could be exploited to enhance safety and speed.

Lastly, the project team examined how to create a more robust file system by shifting from the traditional block-oriented stack to a file-oriented one, with several positive implications for file security. The research will be beneficial in developing future platforms that enhance security in a myriad of ways.